AttackFeed by Joe Wagner | Username Enumeration - elggv6.3.3  - Full Disclosure

Username Enumeration – elggv6.3.3  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Andrey Stoykov on Jan 29

# Exploit Title: Elgg – Username Enumeration
# Date: 1/2026
# Exploit Author: Andrey Stoykov
# Version: 6.3.3
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2026/01/friday-fun-pentest-series-47-lack-of.html

// HTTP Request – Resetting Password – Valid User

POST /action/user/requestnewpassword HTTP/1.1
Host: elgg.local
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:148.0)
Gecko/20100101 Firefox/148.0
Accept:…
 – Read More  – Full Disclosure 

You may also like

AttackFeed by Joe Wagner | SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010)  - Full Disclosure
Alert Feeds
SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010)  – Full Disclosure
March 12, 2026
AttackFeed by Joe Wagner | [SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection  - Full Disclosure
Alert Feeds
[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection  – Full Disclosure
April 29, 2026
AttackFeed by Joe Wagner | CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength)  - Full Disclosure
Alert Feeds
CVE-2025-12758: Unicode Variation Selectors Bypass in ‘validator’ library (isLength)  – Full Disclosure
January 29, 2026
AttackFeed by Joe Wagner | SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models  - Full Disclosure
Alert Feeds
SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models  – Full Disclosure
February 16, 2026
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.